Be careful about hidden variables and form variables. A clever user can
create a new form with custom edited fields and ACTION="yoursite.com"
For instance, if you keep a hidden variable:
It's not very hard for a computer saavy person to create a new form
where it says:
And circumvent your
--- bob pilly <[EMAIL PROTECTED]> wrote:
> Is there any security issues with passing data via the
> POST method from a webserver to a different webserver
> running ssl.
There are always security concerns, regardless of your approach. Nothing is
perfect. However, sending data over an SSL connection
2 matches
Mail list logo
